Total
1222 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1166 | 1 X | 1 X.org | 2024-11-21 | 7.1 HIGH | N/A |
The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition. | |||||
CVE-2010-1158 | 1 Perl | 1 Perl | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string. | |||||
CVE-2010-1103 | 1 Mesadynamics | 1 Stainless | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in Stainless allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
CVE-2010-1102 | 1 Omnigroup | 1 Omniweb | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in OmniWeb allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
CVE-2010-1101 | 1 Icab | 1 Icab | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in Alexander Clauss iCab allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
CVE-2010-1100 | 1 Arora-browser | 1 Arora | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
CVE-2010-1099 | 1 Apple | 1 Safari | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
CVE-2010-1085 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 HIGH | N/A |
The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error. | |||||
CVE-2010-1028 | 2 Microsoft, Mozilla | 3 Windows Vista, Windows Xp, Firefox | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0. | |||||
CVE-2010-0830 | 1 Gnu | 1 Glibc | 2024-11-21 | 5.1 MEDIUM | N/A |
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header. | |||||
CVE-2010-0827 | 1 Tug | 2 Tetex, Tex Live | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file. | |||||
CVE-2010-0816 | 1 Microsoft | 10 Outlook Express, Windows 2000, Windows 2003 Server and 7 more | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability." | |||||
CVE-2010-0766 | 1 Luxology | 1 Modo | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in the Swap4 function in valet4.dll in Luxology Modo 401 allows user-assisted remote attackers to execute arbitrary code via a .LXO file containing a CHNL subchunk associated with an invalid length. | |||||
CVE-2010-0739 | 1 Tug | 2 Tetex, Tex Live | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-0733 | 1 Postgresql | 1 Postgresql | 2024-11-21 | 3.5 LOW | N/A |
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations. | |||||
CVE-2010-0662 | 1 Google | 1 Chrome | 2024-11-21 | 5.0 MEDIUM | N/A |
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization. | |||||
CVE-2010-0658 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | 9.3 HIGH | N/A |
Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements. | |||||
CVE-2010-0649 | 1 Google | 1 Chrome | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages. | |||||
CVE-2010-0646 | 1 Google | 1 Chrome | 2024-11-21 | 10.0 HIGH | N/A |
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays. | |||||
CVE-2010-0645 | 1 Google | 1 Chrome | 2024-11-21 | 9.3 HIGH | N/A |
Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays. |